Accepting request 160822 from Virtualization

add libvirt-iptables-1.4.18.diff, fix masquerading with iptables v1.4.18 (forwarded request 160819 from seife)

OBS-URL: https://build.opensuse.org/request/show/160822
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/libvirt?expand=0&rev=116

libvirt-iptables-1.4.18.diff

@@ -0,0 +1,31 @@
+Index: b/src/util/viriptables.c
+===================================================================
+--- a/src/util/viriptables.c
++++ b/src/util/viriptables.c
+@@ -478,22 +478,22 @@ iptablesForwardAllowRelatedIn(iptablesCo
+                                     VIR_SOCKET_ADDR_FAMILY(netaddr),
+                                     action,
+                                     "--destination", networkstr,
+                                     "--in-interface", physdev,
+                                     "--out-interface", iface,
+-                                    "--match", "state",
+-                                    "--state", "ESTABLISHED,RELATED",
++                                    "--match", "conntrack",
++                                    "--ctstate", "ESTABLISHED,RELATED",
+                                     "--jump", "ACCEPT",
+                                     NULL);
+     } else {
+         ret = iptablesAddRemoveRule(ctx->forward_filter,
+                                     VIR_SOCKET_ADDR_FAMILY(netaddr),
+                                     action,
+                                     "--destination", networkstr,
+                                     "--out-interface", iface,
+-                                    "--match", "state",
+-                                    "--state", "ESTABLISHED,RELATED",
++                                    "--match", "conntrack",
++                                    "--ctstate", "ESTABLISHED,RELATED",
+                                     "--jump", "ACCEPT",
+                                     NULL);
+     }
+     VIR_FREE(networkstr);
+     return ret;

libvirt.changes

@@ -1,3 +1,9 @@
+-------------------------------------------------------------------
+Sun Mar 24 20:05:28 UTC 2013 - seife+obs@b1-systems.com
+
+- add libvirt-iptables-1.4.18.diff, fix masquerading with iptables
+  v1.4.18 (--state match is deprectated, use conntrack instead)
+
 -------------------------------------------------------------------
 Fri Mar  8 12:00:39 MST 2013 - jfehlig@suse.com
 

libvirt.spec

@@ -422,6 +422,7 @@ Patch0:         ce4557c3-apparmor-tapfd-label.patch
 Patch100:       xen-name-for-devid.patch
 Patch101:       clone.patch
 Patch102:       xen-pv-cdrom.patch
+Patch103:       libvirt-iptables-1.4.18.diff
 # Our patches
 Patch200:       libvirtd-defaults.patch
 Patch201:       libvirtd-init-script.patch
@@ -562,6 +563,7 @@ Authors:
 %patch100 -p1
 %patch101
 %patch102 -p1
+%patch103 -p1
 %patch200 -p1
 %patch201 -p1
 %patch202 -p1